Firefox containers are a way to navigate the web from multiple browsing sessions in a single window. They unlock functionalities like:
- Authenticate with multiple accounts on a website (e.g. Facebook).
- Perform search queries (e.g. Google) in clean states where previous searches don't influence other searches.
- Prevent potentials CSRF attacks and other types of vulnerabilities because your credentials are segregated by containers.
To unlock these functionalities, we will use Multi-Account Containers which is a Firefox extension that allows us to use tabs in different browsing sessions, called containers, where data are isolated from one another. Let's go!
The first step is to install Multi-Account Containers:
Once installed, click on Multi-Account Containers icon on the top right.
A menu should appear with preexisting containers. When clicking on one of them, a new tab opens, and you should see two things:
- A thin colored border on the bottom of your tab.
- The name and icon of your container in the right of the search bar.
Those two things mean you're browsing in a container. You can assert that it is true by authenticating to Facebook in one container and check that you're not authenticated in another.
You're now able to browse websites with multiple identities 🦾🚀🔥!
But there is more.
Browsing in multiple containers allows you to browse websites with multiple identities, which is fantastic. But we could use this technology moreover by automatically spawning and dropping containers while navigating the web, thus increasing our security and privacy. Think about a new container every time you want to interact with servers on the internet.
To do this, install Temporary Containers from:
By default, Temporary Containers is in a passive mode and opens a new container when clicked. This new container is temporary and will be deleted (along with the data it contains) when no longer used by a tab for a certain amount of time (15 minutes by default).
Temporary Containers has a lot of options to configure to enjoy its power, and thankfully, it supports exporting and importing configurations, so you can download mine from temporary-containers-preferences.json and install it seamlessly. You can then go to Temporary Containers import settings by right-clicking on it, then:
Manage Extension > ... > Preferences > Export/Import
In my configuration, Temporary Containers will create a temporary container in the following cases:
- You navigate in a newly opened tab.
- You navigate to an URL that has a different domain or subdomain from the current one. For example, going from google.com to facebook.com.
Now that we have temporary containers spawning by default, we have to learn how to bypass them because sometimes we need to share data between websites. For example, some websites propose to authenticate via a third party account like google.com or linkedin.com, but navigating from example.org to google.com would create another temporary container isolated from the previous. So we need to create permanent containers, where cross-domains navigation doesn't spawn distinct containers, and which are not automatically deleted.
So let's create a container with Multi-Account Containers named, for example, Google. Once done, click on Temporary Containers and make a container "permanent" by selecting its name in Exclude Permanent Containers.
Now, anything you do in this container will persist, and cross-domains navigation will not spawn new containers.
- Open a new tab in the same container by pressing Alt+X.
- Right-click on a tab or a link to see containers related options.
- Long click on the Create tab button to open a new tab in a specific container.
That's it! You are now completely undetectable... 🤨
Maybe not entirely, but still, we made some progress 🐥.
Note that this style of navigation may introduce irritating website behaviors that require some knowledge to neutralize. Don't worry; I will talk about these measures in the next post. In the meantime, you can reset Temporary Containers settings by going to Advanced > General > Reset Storage.
The next post of this series will talk about how to block and bypass annoying content from the web with some of the following extensions:
- uBlock Origin
- Cookie Quick Manager
Happy browsing 😀👀